Lucene search
K

53 matches found

hackapp
hackapp
added 2016/04/01 9:37 a.m.33 views

Groupon - Shop Deals & Coupons - Customized SSL, Redefined SSL Common Names verifier, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Groupon - Shop Deals & Coupons published at the 'play' market has multiple vulnerabilities...

1AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 8:51 a.m.27 views

Groupon Merchants - Customized SSL, Redefined SSL Common Names verifier, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Groupon Merchants published at the 'play' market has multiple vulnerabilities...

0.9AI score
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2013/09/26 1:30 p.m.22 views

Sefnit Click-Fraud Malware Related to Mevade Tor Botnet

A malware family, likely developed by the same authors who built a massive botnet recently discovered on the Tor network, has been revived with a stealthy new click-fraud scam. Microsoft reports a rash of new click-fraud activity linked to the Sefnit malware, which was thought dead and buried as ...

7.1AI score
Exploits0References3
ThreatPost
ThreatPost
added 2013/04/29 8:36 p.m.21 views

LivingSocial Ups its Password Encryption After Breach

The popular daily deal site LivingSocial announced Monday it has abandoned the SHA1 hash for Blowfish’s bcrypt following a massive data breach that impacted 50 million customers. The company confirmed last weekend that its computer systems were attacked and thieves gained access to names, e-mail...

1AI score
Exploits0References1
NVD
NVD
added 2012/11/04 10:55 p.m.17 views

CVE-2012-5809

The Groupon Redemptions application for Android does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

5.8CVSS6.5AI score0.00566EPSS
Exploits1References1
Prion
Prion
added 2012/11/04 10:55 p.m.10 views

Code injection

The Groupon Redemptions application for Android does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

5.8CVSS7.1AI score0.00566EPSS
Exploits1References1
Cvelist
Cvelist
added 2012/11/04 10:0 p.m.19 views

CVE-2012-5809

The Groupon Redemptions application for Android does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

6.5AI score0.00566EPSS
Exploits1References1
CVE
CVE
added 2012/11/04 10:0 p.m.33 views

CVE-2012-5809

The CVE-2012-5809 entry describes the Groupon Redemptions Android app failing to verify that the server hostname matches the CN or subjectAltName in the server’s X.509 certificate. This weakness allows MITM attackers to spoof SSL servers using an arbitrary valid certificate. The vulnerability is ...

5.8CVSS6.7AI score0.00566EPSS
Exploits1References1Affected Software1
ThreatPost
ThreatPost
added 2012/07/31 1:24 a.m.9 views

Fake Groupon Provides Great Deal … of Malware

Sophos is warning of a fake Groupon email carrying a Trojan instead of a group discount from a friend. The email mimics the real online coupon company’s branding, but a clue that the message is not legitimate is a misspelling in the subject header: “Groupon dicount gifts.” The fake offer opens wi...

7.1AI score
Exploits0References1
ThreatPost
ThreatPost
added 2012/02/22 6:45 p.m.9 views

Groupon Piggyback Site Offers $500 Voucher, Charges Users for Allegedly 'Free' Trial Offers

A domain registered two days ago as groupon500.com, which claims to offer a $500 voucher toward Groupon or its primary competitor, LivingSocial, is actually registering users for ‘free’ trial offers that aren’t free at all. The best part, however, is that everything about this scam is perfectly...

6.7AI score
Exploits0References5
The Hacker News
The Hacker News
added 2011/06/29 12:52 p.m.2 views

Indian shopping website Groupon leaks Email/Passwords of 300,000 Users

Indian shopping website Groupon leaks Email/Passwords of 300,000 Users Groupon subsidary – Sosata.com leak the e-mail addresses and plain-text passwords for 300,000 users and also the sql file is index on Google. SoSasta.com offers its services in 11 cities - Kolkata, Hyderabad, Pune, Ahmedabad,...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2011/06/29 12:52 p.m.11 views

Indian shopping website Groupon leaks Email/Passwords of 300,000 Users

Indian shopping website Groupon leaks Email/Passwords of 300,000 Users Groupon subsidary – Sosata.com leak the e-mail addresses and plain-text passwords for 300,000 users and also the sql file is index on Google. SoSasta.com offers its services in 11 cities - Kolkata, Hyderabad, Pune, Ahmedabad,...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2011/06/28 5:8 p.m.11 views

Groupon India Subsidiary Database Published, 300k Affected

Groupon is calling on users of their India subsidiary, Sosasta.com, to change their passwords after the company accidentally published a database containing the usernames and passwords of some 300,000 customers, according to a report from Risky.biz. The database, including plaintext passwords and...

1.2AI score
Exploits0References2
Rows per page
Query Builder